Ironically enough, Andrew Kutz, the author of the first third-party plug-ins for the new VirtualCenter 2.5, is also the one who has to warn about the security risks of using any non-VMware plug-in:
…
During the development of the Console plugin I had to register a message filter on the primary message loop to capture input for the SSH “terminal.” I was not sure if the VI client would allow me to do this, as the ability to do so has nasty implications. Well, it does, and it does.
…
VMware has been informed of this flaw, and provided with a solution.
…
Try using the CheckForMsgFiler.exe application that comes with the KeySniffer client plugin. This application checks a given assembly and notifies the user if said assembly contains any types that implement the IMessageFilter interface…
To prove the concept, Andrew developed a malicious plug-in, KeySniffer, able to record any keystroke typed in the VirtualCenter GUI. Try it here.
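
The assembly check described in the quoted passage can be approximated with .NET reflection before a plug-in is installed. This is an added example, not the source of CheckForMsgFiler.exe or any code by Andrew Kutz; the class name `MessageFilterAudit` is hypothetical, and it assumes .NET Framework and that the plug-in's dependencies sit in the same directory or the GAC.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Reflection;

// Hypothetical auditing helper (added example).
static class MessageFilterAudit
{
    const string FilterInterface = "System.Windows.Forms.IMessageFilter";

    // Returns the full names of types in the assembly that implement IMessageFilter.
    public static List<string> FindMessageFilters(string assemblyPath)
    {
        string dir = Path.GetDirectoryName(Path.GetFullPath(assemblyPath));
        // Reflection-only loading does not resolve dependencies automatically.
        ResolveEventHandler resolver = (sender, args) =>
        {
            string local = Path.Combine(dir, new AssemblyName(args.Name).Name + ".dll");
            return File.Exists(local)
                ? Assembly.ReflectionOnlyLoadFrom(local)
                : Assembly.ReflectionOnlyLoad(args.Name);
        };
        AppDomain.CurrentDomain.ReflectionOnlyAssemblyResolve += resolver;
        try
        {
            // Metadata only: no code from the inspected plug-in is executed.
            Assembly asm = Assembly.ReflectionOnlyLoadFrom(assemblyPath);
            Type[] types;
            try { types = asm.GetTypes(); }
            catch (ReflectionTypeLoadException ex) { types = ex.Types; } // partial result
            var hits = new List<string>();
            foreach (Type t in types)
            {
                if (t == null || t.IsInterface) continue;
                // Compare by name: reflection-only types differ from typeof(IMessageFilter).
                foreach (Type i in t.GetInterfaces())
                    if (i.FullName == FilterInterface) { hits.Add(t.FullName); break; }
            }
            return hits;
        }
        finally { AppDomain.CurrentDomain.ReflectionOnlyAssemblyResolve -= resolver; }
    }
    static int Main(string[] argv)
    {
        if (argv.Length != 1) { Console.Error.WriteLine("usage: MessageFilterAudit <plugin.dll>"); return 2; }
        List<string> hits = FindMessageFilters(argv[0]);
        foreach (string h in hits) Console.WriteLine("implements IMessageFilter: " + h);
        return hits.Count == 0 ? 0 : 1;
    }
}
```

A non-zero exit code means the plug-in declares at least one message filter and deserves review before it is loaded into the VI client. A clean result covers only this one interface and does not establish that the plug-in is otherwise trustworthy.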